ID de Prueba:	1.3.6.1.4.1.25623.1.0.900260
Categoría:	FTP
Título:	Home FTp Server DOS And Multiple Directory Traversal Vulnerabilities
Resumen:	Home Ftp Server is prone to Denial of Service and Directory Traversal Vulnerabilities using invalid commands.
Descripción:	Summary: Home Ftp Server is prone to Denial of Service and Directory Traversal Vulnerabilities using invalid commands. Vulnerability Insight: - An error in the handling of multiple 'SITE INDEX' commands can be exploited to stop the server. - An input validation error when handling the MKD FTP command can be exploited to create directories outside the FTP root or create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. Vulnerability Impact: Successful exploitation will allow attackers to cause a Denial of Service or directory traversal attacks on the affected application. Affected Software/OS: Home FTP Server version 1.10.1.139 and prior. Solution: Upgrade to Home FTP Server version 1.10.3.144 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4051 BugTraq ID: 37033 http://www.securityfocus.com/bid/37033 Bugtraq: 20091116 Home FTP Server 'SITE INDEX' Command Remote Denial of Service Vulnerability (Google Search) http://www.securityfocus.com/archive/1/507893/100/0/threaded http://secunia.com/advisories/37381 http://www.vupen.com/english/advisories/2009/3269 Common Vulnerability Exposure (CVE) ID: CVE-2009-4053
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.